aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/modules')
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java28
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java5
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java5
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java8
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java19
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java22
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java5
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java14
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java17
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java (renamed from id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/EidasMetaDataServlet.java)64
-rw-r--r--id/server/modules/moa-id-module-openID/pom.xml16
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java2
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java9
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java24
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java2
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java9
-rw-r--r--id/server/modules/moa-id-modules-saml1/pom.xml14
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java4
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java4
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java12
-rw-r--r--id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java2
-rw-r--r--id/server/modules/module-stork/pom.xml27
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java31
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java7
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java6
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java6
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java2
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java11
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java12
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java2
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java4
-rw-r--r--id/server/modules/pom.xml4
33 files changed, 278 insertions, 121 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 0850bb676..11917d0c3 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -371,6 +371,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* containg the authentication block, meant to be returned to the security
* layer implementation</li>
* </ul>
+ * @param pendingReq
*
* @param sessionID ID of associated authentication session data
* @param infoboxReadResponseParameters The parameters from the response returned from the BKU
@@ -379,7 +380,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* <code>&lt;CreateXMLSignatureRequest&gt;</code>
*/
public String verifyCertificate(AuthenticationSession session,
- X509Certificate certificate) throws AuthenticationException,
+ X509Certificate certificate, IRequest pendingReq) throws AuthenticationException,
BuildException, ParseException, ConfigurationException,
ValidateException, ServiceException, MOAIDException {
@@ -409,7 +410,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
- authConf, oaParam);
+ authConf, oaParam, pendingReq);
return returnvalue;
}
@@ -471,6 +472,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @param session
* @param authConf
* @param oaParam
+ * @param pendingReq
* @return
* @throws ConfigurationException
* @throws BuildException
@@ -478,7 +480,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
*/
public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
AuthenticationSession session, AuthConfiguration authConf,
- OAAuthParameter oaParam) throws ConfigurationException,
+ OAAuthParameter oaParam, IRequest pendingReq) throws ConfigurationException,
BuildException, ValidateException {
// // check for intermediate processing of the infoboxes
@@ -493,7 +495,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
session.getPublicOAURLPrefix());
// builds the AUTH-block
- String authBlock = buildAuthenticationBlock(session, oaParam);
+ String authBlock = buildAuthenticationBlock(session, oaParam, pendingReq);
// builds the <CreateXMLSignatureRequest>
List<String> transformsInfos = authConf.getTransformsInfos();
@@ -665,12 +667,13 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* given session data.
*
* @param session authentication session
+ * @param pendingReq
* @return <code>&lt;saml:Assertion&gt;</code> as a String
* @throws BuildException If an error occurs on serializing an extended SAML attribute
* to be appended to the AUTH-Block.
*/
private String buildAuthenticationBlock(AuthenticationSession session,
- OAAuthParameter oaParam) throws BuildException {
+ OAAuthParameter oaParam, IRequest pendingReq) throws BuildException {
IdentityLink identityLink = session.getIdentityLink();
String issuer = identityLink.getName();
@@ -726,15 +729,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
if (session.isSsoRequested()) {
- String oaURL = new String();
- try {
- oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
-
- if (MiscUtil.isNotEmpty(oaURL))
- oaURL = oaURL.replaceAll("&", "&amp;");
+ String oaURL = pendingReq.getAuthURL();
+ if (MiscUtil.isNotEmpty(oaURL))
+ oaURL = oaURL.replaceAll("&", "&amp;");
- } catch (ConfigurationException e) {
- }
String authBlock = new AuthenticationBlockAssertionBuilder()
.buildAuthBlockSSO(issuer, issueInstant, authURL, target,
targetFriendlyName, identificationValue,
@@ -1087,9 +1085,9 @@ public class AuthenticationServer extends BaseAuthenticationServer {
}
// validates <CreateXMLSignatureResponse>
if (session.isSsoRequested())
- new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
+ new CreateXMLSignatureResponseValidator().validateSSO(csresp, session, pendingReq);
else
- new CreateXMLSignatureResponseValidator().validate(csresp, session);
+ new CreateXMLSignatureResponseValidator().validate(csresp, session, pendingReq);
// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
index 20f102571..307074ee2 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
@@ -1,6 +1,6 @@
package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
import java.io.PrintWriter;
@@ -21,7 +21,6 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
-
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
@@ -119,7 +118,7 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
}
catch (MOAIDException ex) {
-// handleError(null, ex, req, resp, pendingRequestID);
+ Logger.info("GetIdentityLink request generation FAILED. Reason:" + ex.getMessage());
throw new TaskExecutionException(ex.getMessage(), ex);
} catch (Exception e) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
index feab1ec66..1dd4780f7 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
@@ -36,7 +36,6 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
-import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.MOAAuthDataType;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
@@ -158,7 +157,8 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
ccc,
moasession.getModul(),
moasession.getAction(),
- request);
+ request,
+ pendingReq);
}
}
@@ -175,6 +175,7 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
} catch (MOADatabaseException | MOAIDException e) {
+ Logger.info("Initialize BKUAuthentication FAILED. Reason:" + e.getMessage());
throw new TaskExecutionException(e.getMessage(), e);
} catch (Exception e) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
index 469ca91a9..49888c136 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
@@ -17,6 +17,8 @@ import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
@@ -66,7 +68,9 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
}
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
+ IRequest pendingReq = RequestStorage.getPendingRequest(
+ (String) executionContext.get("pendingRequestID"));
+
AuthenticationSession session = AuthenticationServer.getSession(sessionID);
// change MOASessionID
@@ -77,7 +81,7 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance();
String createXMLSignatureRequest = AuthenticationServer.getInstance()
- .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam);
+ .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam, pendingReq);
AuthenticationSessionStoreage.storeSession(session);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index d99ba873d..2734d1027 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -110,7 +110,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
if (useMandate) {
// verify certificate for OrganWalter
- String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert);
+ String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert, pendingReq);
try {
AuthenticationSessionStoreage.storeSession(session);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index e1ab0025e..8a9c19c80 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -67,6 +67,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -124,9 +125,10 @@ public class CreateXMLSignatureResponseValidator {
* The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse}
* @param createXMLSignatureResponse
* @param session
+ * @param pendingReq
* @throws ValidateException
*/
- public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session)
+ public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq)
throws ValidateException {
// A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
@@ -411,20 +413,15 @@ public class CreateXMLSignatureResponseValidator {
* The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse}
* @param createXMLSignatureResponse
* @param session
+ * @param pendingReq
* @throws ValidateException
*/
- public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session)
+ public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq)
throws ValidateException {
- // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
-
- String oaURL;
- try {
- oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
- } catch (ConfigurationException e1) {
- oaURL = new String();
- }
-
+ // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
+ String oaURL = pendingReq.getAuthURL();
+
IdentityLink identityLink = session.getIdentityLink();
Element samlAssertion = createXMLSignatureResponse.getSamlAssertion();
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java
index 18432fd1c..06643ec53 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java
@@ -35,16 +35,6 @@ import org.apache.velocity.Template;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
-import eu.eidas.auth.commons.EIDASAuthnRequest;
-import eu.eidas.auth.commons.EIDASUtil;
-import eu.eidas.auth.commons.EidasLoaCompareType;
-import eu.eidas.auth.commons.EidasLoaLevels;
-import eu.eidas.auth.commons.IPersonalAttributeList;
-import eu.eidas.auth.commons.PersonalAttribute;
-import eu.eidas.auth.commons.PersonalAttributeList;
-import eu.eidas.auth.engine.EIDASSAMLEngine;
-import eu.eidas.auth.engine.core.eidas.SPType;
-import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
@@ -66,6 +56,16 @@ import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
+import eu.eidas.auth.commons.EIDASAuthnRequest;
+import eu.eidas.auth.commons.EIDASUtil;
+import eu.eidas.auth.commons.EidasLoaCompareType;
+import eu.eidas.auth.commons.EidasLoaLevels;
+import eu.eidas.auth.commons.IPersonalAttributeList;
+import eu.eidas.auth.commons.PersonalAttribute;
+import eu.eidas.auth.commons.PersonalAttributeList;
+import eu.eidas.auth.engine.EIDASSAMLEngine;
+import eu.eidas.auth.engine.core.eidas.SPType;
+import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
/**
* @author tlenz
@@ -141,7 +141,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
//build eIDAS AuthnRequest
EIDASAuthnRequest authnRequest = new EIDASAuthnRequest();
- authnRequest.setProviderName(moaconfig.getPublicURLPrefix());
+ authnRequest.setProviderName(pendingReq.getAuthURL());
authnRequest.setPersonalAttributeList(pAttList);
authnRequest.setIssuer(moaconfig.getPublicURLPrefix() + Constants.eIDAS_HTTP_ENDPOINT_METADATA);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java
index 238c823cf..09287e6d4 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java
@@ -41,8 +41,6 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetada
import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASMetadataProviderDecorator;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
import at.gv.egovernment.moa.id.moduls.IAction;
@@ -104,8 +102,7 @@ public class AuthenticationRequest implements IAction {
response.setPersonalAttributeList(resultingAttributeList);
// - create metadata url
- AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
- String pubURLPrefix = config.getPublicURLPrefix();
+ String pubURLPrefix = req.getAuthURL();
String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA;
response.setIssuer(metadata_url);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
index 0bedf0432..374c3df30 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
@@ -2,14 +2,26 @@ package at.gv.egovernment.moa.id.protocols.eidas;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.saml2.core.Attribute;
-import eu.eidas.auth.commons.EIDASAuthnRequest;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.moduls.RequestImpl;
+import eu.eidas.auth.commons.EIDASAuthnRequest;
public class EIDASData extends RequestImpl {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public EIDASData(HttpServletRequest req) throws ConfigurationException {
+ super(req);
+
+ }
+
/** The Constant serialVersionUID. */
private static final long serialVersionUID = 8765755670214923910L;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index a94e136b4..b652503f8 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -22,6 +22,11 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.eidas;
+import java.util.HashMap;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -38,11 +43,6 @@ import eu.eidas.auth.commons.EIDASAuthnRequest;
import eu.eidas.auth.commons.EIDASUtil;
import eu.eidas.auth.engine.EIDASSAMLEngine;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import java.util.HashMap;
-
/**
* Stork 2 Protocol Support
*
@@ -54,11 +54,14 @@ public class EIDASProtocol extends MOAIDAuthConstants implements IModulInfo {
public static final String PATH = "eidas";
public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest";
-
+ public static final String METADATAREQUEST = "MetadataRequest";
+
private static HashMap<String, IAction> actions = new HashMap<String, IAction>();
static {
actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
+ actions.put(METADATAREQUEST, new EidasMetaDataRequest());
+
}
public String getName() {
@@ -102,7 +105,7 @@ public class EIDASProtocol extends MOAIDAuthConstants implements IModulInfo {
EIDASAuthnRequest samlReq = engine.validateEIDASAuthnRequest(decSamlToken);
// memorize important stuff
- EIDASData result = new EIDASData();
+ EIDASData result = new EIDASData(request);
// - memorize remote ip
result.setRemoteAddress(request.getRemoteAddr());
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/EidasMetaDataServlet.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
index 33b48c0a3..66179fae4 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/EidasMetaDataServlet.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
@@ -14,23 +14,22 @@
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
*******************************************************************************/
-package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
+package at.gv.egovernment.moa.id.protocols.eidas;
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.springframework.http.MediaType;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
+import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.data.SLOInformationInterface;
+import at.gv.egovernment.moa.id.moduls.IAction;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import eu.eidas.auth.engine.EIDASSAMLEngine;
import eu.eidas.auth.engine.metadata.MetadataConfigParams;
import eu.eidas.auth.engine.metadata.MetadataGenerator;
@@ -40,20 +39,21 @@ import eu.eidas.engine.exceptions.SAMLEngineException;
/**
* First version to provide some valid metadata to an asking eIDaS node
*/
-@WebServlet("/eidas/metadata")
-public class EidasMetaDataServlet extends HttpServlet {
- private static final long serialVersionUID = -2129228304760706063L;
- private Logger logger = org.slf4j.LoggerFactory.getLogger(EidasMetaDataServlet.class);
- /**
- * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
- * response)
- */
- protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- try {
+public class EidasMetaDataRequest implements IAction {
+ private Logger logger = org.slf4j.LoggerFactory.getLogger(EidasMetaDataRequest.class);
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.data.IAuthData)
+ */
+ @Override
+ public SLOInformationInterface processRequest(IRequest req,
+ HttpServletRequest httpReq, HttpServletResponse httpResp,
+ IAuthData authData) throws MOAIDException {
+
+ try {
logger.debug("EidasMetaDataServlet GET");
- AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
- String pubURLPrefix = config.getPublicURLPrefix();
+ String pubURLPrefix = req.getAuthURL();
String metadata_url = pubURLPrefix + Constants.eIDAS_HTTP_ENDPOINT_METADATA;
@@ -68,8 +68,30 @@ public class EidasMetaDataServlet extends HttpServlet {
} catch (Exception e) {
e.printStackTrace();
}
- }
+
+
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public boolean needAuthentication(IRequest req, HttpServletRequest httpReq,
+ HttpServletResponse httpResp) {
+ return false;
+
+ }
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName()
+ */
+ @Override
+ public String getDefaultActionName() {
+ return "eIDAS-Metadata Action";
+
+ }
+
public String generateMetadata(String metadata_url, String sp_return_url) throws SAMLEngineException, EIDASEngineException{
String metadata="invalid metadata";
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 2a953bcab..080d5ae0b 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -20,6 +20,12 @@
<dependencies>
<dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ <version>1.10</version>
+ </dependency>
+
+ <dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<scope>test</scope>
@@ -35,13 +41,13 @@
<dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client-jackson2</artifactId>
- <version>1.19.0</version>
+ <version>1.21.0</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.oauth-client</groupId>
<artifactId>google-oauth-client-jetty</artifactId>
- <version>1.19.0</version>
+ <version>1.21.0</version>
<scope>test</scope>
<exclusions>
<exclusion>
@@ -67,11 +73,11 @@
</exclusions>
</dependency>
- <dependency>
+<!-- <dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
- <version>18.0</version>
- </dependency>
+ <version>19.0</version>
+ </dependency> -->
<!-- TestNG -->
<dependency>
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
index 94a1d14d0..88e26da76 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
@@ -105,7 +105,7 @@ class OAuth20AuthAction implements IAction {
//TODO: maybe add bPK / wbPK to SLO information
- SLOInformationInterface sloInformation = new SLOInformationImpl(accessToken, null, null, req.requestedModule());
+ SLOInformationInterface sloInformation = new SLOInformationImpl(req.getAuthURL(), accessToken, null, null, req.requestedModule());
return sloInformation;
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index b9556b815..e5d8db873 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -48,6 +48,15 @@ import at.gv.egovernment.moa.logging.Logger;
public class OAuth20AuthRequest extends OAuth20BaseRequest {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public OAuth20AuthRequest(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+ }
+
private static final long serialVersionUID = 1L;
private String responseType;
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
index bd3fdb3e8..5fcac0b2f 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
@@ -31,8 +31,6 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -52,8 +50,8 @@ abstract class OAuth20BaseRequest extends RequestImpl {
protected Set<String> allowedParameters = new HashSet<String>();
- protected OAuth20BaseRequest() {
-
+ public OAuth20BaseRequest(HttpServletRequest req) throws ConfigurationException {
+ super(req);
}
protected String getParam(final HttpServletRequest request, final String name, final boolean isNeeded) throws OAuth20Exception {
@@ -124,15 +122,21 @@ abstract class OAuth20BaseRequest extends RequestImpl {
public static OAuth20BaseRequest newInstance(final String action, final HttpServletRequest request, String sessionId, String transactionId) throws OAuth20Exception {
OAuth20BaseRequest res;
-
- if (action.equals(OAuth20Protocol.AUTH_ACTION)) {
- res = new OAuth20AuthRequest();
+ try {
+ if (action.equals(OAuth20Protocol.AUTH_ACTION)) {
+ res = new OAuth20AuthRequest(request);
- } else if (action.equals(OAuth20Protocol.TOKEN_ACTION)) {
- res = new OAuth20TokenRequest();
+ } else if (action.equals(OAuth20Protocol.TOKEN_ACTION)) {
+ res = new OAuth20TokenRequest(request);
- } else {
+ } else {
+ throw new OAuth20InvalidRequestException();
+ }
+
+ } catch (ConfigurationException e) {
+ Logger.warn(e.getMessage());
throw new OAuth20InvalidRequestException();
+
}
res.setAction(action);
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 56d86df72..70c29359e 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -104,7 +104,7 @@ public class OAuth20Protocol implements IModulInfo {
// get error code and description
String errorCode;
String errorDescription;
- String errorUri = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()
+ String errorUri = protocolRequest.getAuthURL()
+"/" + OAuth20Constants.ERRORPAGE;
String moaError = null;
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
index 6bebe5a6a..abfe4ce15 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -41,6 +41,15 @@ import at.gv.egovernment.moa.logging.Logger;
class OAuth20TokenRequest extends OAuth20BaseRequest {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public OAuth20TokenRequest(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+ }
+
private static final long serialVersionUID = 1L;
private String code;
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index 81c356ced..d0d8f6a48 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -24,7 +24,19 @@
<artifactId>moa-id-lib</artifactId>
<scope>test</scope>
<type>test-jar</type>
- <version>3.0.3-Snapshot</version>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-lib</artifactId>
+ </dependency>
+
+ <!-- Only for development to use SAML1 protocol
+ SAML1 is removed from official OPB release -->
+ <dependency>
+ <groupId>MOA.id.server.modules</groupId>
+ <artifactId>moa-id-module-eIDAS</artifactId>
</dependency>
<dependency>
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 15c3a3358..7f3c353f1 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -85,7 +85,7 @@ public class GetArtifactAction implements IAction {
String samlArtifactBase64 = saml1server.BuildSAMLArtifact(oaParam, authData, sourceID);
if (authData.isSsoSession()) {
- String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet";
+ String url = req.getAuthURL() + "/RedirectServlet";
url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8"));
if (!oaParam.getBusinessService())
url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8"));
@@ -114,7 +114,7 @@ public class GetArtifactAction implements IAction {
}
SLOInformationInterface sloInformation =
- new SLOInformationImpl(authData.getAssertionID(), null, null, req.requestedModule());
+ new SLOInformationImpl(req.getAuthURL(), authData.getAssertionID(), null, null, req.requestedModule());
return sloInformation;
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 7416dfb00..6573270e4 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -101,7 +101,7 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
public IRequest preProcess(HttpServletRequest request,
HttpServletResponse response, String action,
String sessionId, String transactionId) throws MOAIDException {
- SAML1RequestImpl config = new SAML1RequestImpl();
+ SAML1RequestImpl config = new SAML1RequestImpl(request);
if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) {
Logger.info("SAML1 is deaktivated!");
@@ -185,7 +185,7 @@ public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
SAML1AuthenticationServer saml1authentication = SAML1AuthenticationServer.getInstace();
String samlArtifactBase64 = saml1authentication.BuildErrorAssertion(e, protocolRequest);
- String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet";
+ String url = protocolRequest.getAuthURL() + "/RedirectServlet";
url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getOAURL(), "UTF-8"));
url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
url = response.encodeRedirectURL(url);
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
index 5370573a7..3da7cab80 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
@@ -25,6 +25,8 @@ package at.gv.egovernment.moa.id.protocols.saml1;
import java.util.ArrayList;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.saml2.core.Attribute;
import at.gv.egovernment.moa.id.config.ConfigurationException;
@@ -42,6 +44,16 @@ import at.gv.egovernment.moa.logging.Logger;
*/
public class SAML1RequestImpl extends RequestImpl {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public SAML1RequestImpl(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+
+ }
+
private static final long serialVersionUID = -4961979968425683115L;
private String sourceID = null;
diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
index 9896f2454..13fb59038 100644
--- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
+++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
@@ -93,7 +93,7 @@ public class DatabaseTestModule implements TestModuleInterface{
private String testMOAConfigurationDatabase() throws Exception{
- String publicURLPreFix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ List<String> publicURLPreFix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
if (MiscUtil.isEmpty(publicURLPreFix))
return ("MOA-ID 2.x configuration can not be loaded from Database.");
diff --git a/id/server/modules/module-stork/pom.xml b/id/server/modules/module-stork/pom.xml
index 1b2e3f008..2fec7f519 100644
--- a/id/server/modules/module-stork/pom.xml
+++ b/id/server/modules/module-stork/pom.xml
@@ -22,6 +22,33 @@
<dependencies>
<dependency>
+ <groupId>eu.stork</groupId>
+ <artifactId>DocumentService</artifactId>
+ <version>0.0.1-SNAPSHOT</version>
+ <classifier>classes</classifier>
+ <exclusions>
+ <exclusion>
+ <artifactId>axis</artifactId>
+ <groupId>org.apache.axis</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>bcprov-jdk16</artifactId>
+ <groupId>org.bouncycastle</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>jaxws-tools</artifactId>
+ <groupId>com.sun.xml.ws</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>eu.stork</groupId>
+ <artifactId>SamlEngine</artifactId>
+ <version>1.5.1</version>
+ </dependency>
+
+ <dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<scope>test</scope>
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
index 7c178d97e..c0422e06e 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
@@ -1,6 +1,6 @@
package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
-import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
import java.io.IOException;
import java.io.StringWriter;
@@ -17,7 +17,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.velocity.Template;
@@ -53,7 +52,6 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
-
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -61,9 +59,6 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.config.stork.CPEPS;
import at.gv.egovernment.moa.id.config.stork.STORKConfig;
import at.gv.egovernment.moa.id.config.stork.StorkAttribute;
-
-import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
@@ -71,6 +66,21 @@ import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.id.util.VelocityProvider;
import at.gv.egovernment.moa.logging.Logger;
+import eu.stork.oasisdss.api.AdditionalProfiles;
+import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.Profiles;
+import eu.stork.oasisdss.api.QualityLevels;
+import eu.stork.oasisdss.api.SignatureTypes;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
+import eu.stork.oasisdss.profile.AnyType;
+import eu.stork.oasisdss.profile.DocumentType;
+import eu.stork.oasisdss.profile.SignRequest;
+import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+import eu.stork.peps.auth.commons.PersonalAttributeList;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.engine.STORKSAMLEngine;
+import eu.stork.peps.exceptions.STORKSAMLEngineException;
/**
* Creates a SAML2 STORK authentication request, embeds it in a form (in order to satisfy saml post binging) and returns the form withing the HttpServletResponse.<p/>
@@ -120,6 +130,8 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
sessionID = (String) executionContext.get(PARAM_SESSIONID);
pendingRequestID = (String) executionContext.get("pendingRequestID");
+ String ccc = (String) executionContext.get("CCC");
+
// check parameter
if (!ParamValidatorUtils.isValidSessionID(sessionID)) {
@@ -145,10 +157,13 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
// STORK authentication
// cpeps cannot be null
- CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
+ CPEPS cpeps = storkConfig.getCPEPS(ccc);
Logger.debug("Found C-PEPS configuration for citizen of country: " + moasession.getCcc());
executionContext.put(PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED, cpeps.isXMLSignatureSupported());
+ //add selected Country-Code to MOASession DAO
+ moasession.setCcc(ccc);
+
Logger.info("Starting STORK authentication for a citizen of country: " + moasession.getCcc());
startSTORKAuthentication(req, resp, moasession, pendingReq);
@@ -207,7 +222,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
Logger.debug("C-PEPS URL: " + destination);
- String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ String issuerValue = pendingReq.getAuthURL();
// String acsURL = new DataURLBuilder().buildDataURL(issuerValue,
// PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID());
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
index 8240f6d00..0ac26f45f 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
@@ -30,7 +30,9 @@ import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
+import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.HTTPUtils;
@@ -183,7 +185,8 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
// throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");
pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
-
+ IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
+
// load MOASession from database
AuthenticationSession moaSession = BaseAuthenticationServer.getSession(moaSessionID);
// change MOASessionID
@@ -294,7 +297,7 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
// set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID
// signRequest
- String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ String issuerValue = pendingReq.getAuthURL();
String acsURL = issuerValue
+ AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
index 25cb952d7..2e72f216a 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java
@@ -83,7 +83,7 @@ public class AttributeCollector implements IAction {
if (httpReq.getParameter("SAMLResponse") != null) {
Logger.info("Got SAML response from external attribute provider.");
- MOASTORKResponse STORK2Response = new MOASTORKResponse();
+ MOASTORKResponse STORK2Response = new MOASTORKResponse(httpReq);
//extract STORK Response from HTTP Request
byte[] decSamlToken;
@@ -173,7 +173,7 @@ public class AttributeCollector implements IAction {
SLOInformationImpl sloInfo = (SLOInformationImpl) processRequest(container, httpReq, httpResp, authData, oaParam);
if (sloInfo == null) {
- sloInfo = new SLOInformationImpl(null, null, null, req.requestedModule());
+ sloInfo = new SLOInformationImpl(req.getAuthURL(), null, null, null, req.requestedModule());
}
return sloInfo;
@@ -297,7 +297,7 @@ public class AttributeCollector implements IAction {
Logger.info(e.getAp().getClass().getSimpleName() + " is going to ask an external service provider for the requested attributes");
// add container-key to redirect embedded within the return URL
- e.getAp().performRedirect(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam);
+ e.getAp().performRedirect(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0) + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam);
} catch (Exception e1) {
// TODO should we return the response as is to the PEPS?
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 4d3c01bee..f16f7c9a8 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -85,7 +85,7 @@ public class AuthenticationRequest implements IAction {
if (oaParam == null)
throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()});
- MOASTORKResponse moaStorkResponse = new MOASTORKResponse();
+ MOASTORKResponse moaStorkResponse = new MOASTORKResponse(httpReq);
// check if it is attribute query
if (moaStorkRequest.isAttrRequest()) {
@@ -217,9 +217,9 @@ public class AuthenticationRequest implements IAction {
String destinationURL = null;
try {
- issuer = new URL(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()).toString();
+ issuer = new URL(moaStorkRequest.getAuthURL()).toString();
destinationURL = AuthConfigurationProviderFactory.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString();
- publicURLPrefix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix();
+ publicURLPrefix = moaStorkRequest.getAuthURL();
assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest";
} catch (MalformedURLException ex) {
Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(), ex);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 947accf8e..2b7d4e045 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -145,7 +145,7 @@ public class ConsentEvaluator implements IAction {
Template template = velocityEngine.getTemplate("/resources/templates/stork2_consent.html");
VelocityContext context = new VelocityContext();
- context.put("action", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/stork2/GetConsent?" + ARTIFACT_ID + "=" + newArtifactId);
+ context.put("action", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0) + "/stork2/GetConsent?" + ARTIFACT_ID + "=" + newArtifactId);
// assemble table
String table = "";
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 11eb01453..4e666c21c 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -26,6 +26,8 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.saml2.core.Attribute;
import at.gv.egovernment.moa.id.auth.builder.DynamicOAAuthParameterBuilder;
@@ -52,6 +54,15 @@ import eu.stork.peps.auth.commons.STORKAuthnResponse;
*/
public class MOASTORKRequest extends RequestImpl {
+ /**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public MOASTORKRequest(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+ }
+
public static final List<String> DEFAULTREQUESTEDATTRFORINTERFEDERATION = Arrays.asList(
new String[] {
PVPConstants.BPK_NAME,
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
index d2cf2e813..a233835bf 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java
@@ -22,6 +22,7 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.stork2;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.moduls.RequestImpl;
import at.gv.egovernment.moa.logging.Logger;
@@ -33,6 +34,8 @@ import eu.stork.peps.auth.commons.STORKAuthnResponse;
import java.io.Serializable;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
import org.opensaml.saml2.core.Attribute;
/**
@@ -43,6 +46,15 @@ import org.opensaml.saml2.core.Attribute;
public class MOASTORKResponse extends RequestImpl {
/**
+ * @param req
+ * @throws ConfigurationException
+ */
+ public MOASTORKResponse(HttpServletRequest req)
+ throws ConfigurationException {
+ super(req);
+ }
+
+ /**
* The Constant serialVersionUID.
*/
private static final long serialVersionUID = -5798803155055518747L;
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
index e58fe804f..2351450e4 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java
@@ -92,7 +92,7 @@ public class MandateRetrievalRequest implements IAction {
if (oaParam == null)
throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()});
- MOASTORKResponse moaStorkResponse = new MOASTORKResponse();
+ MOASTORKResponse moaStorkResponse = new MOASTORKResponse(httpReq);
STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse();
this.authData = authData;
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 071b5ae8a..c4f9658e4 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -91,8 +91,8 @@ public class STORKProtocol extends MOAIDAuthConstants implements IModulInfo {
Logger.debug("Request content length: " + request.getContentLength());
Logger.debug("Initiating action: " + action);
- MOASTORKRequest STORK2Request = new MOASTORKRequest();
- MOASTORKResponse STORK2Response = new MOASTORKResponse();
+ MOASTORKRequest STORK2Request = new MOASTORKRequest(request);
+ MOASTORKResponse STORK2Response = new MOASTORKResponse(request);
if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action))
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index d44e2a18a..69cd7c217 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -41,6 +41,10 @@
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
</exclusion>
+ <exclusion>
+ <artifactId>DocumentService</artifactId>
+ <groupId>eu.stork</groupId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>